Rights to privacy
nMerge Pty Ltd (ACN 608 832 935, ABN 58 608 832 935), trading as nMerge, (“nMerge”, “we” or “our”) understands the importance of protecting an individual’s right to privacy. We know that you care how information about you is used and shared and appreciate your trust that we will do so carefully and sensibly.
In handling your personal information, we are required to comply with the Privacy Act 1998 (Cth) (“Act”) and the ten National Privacy Principles (“NPPs”) under the Act. This policy may be updated from time to time.
Personal information is information that identifies an individual or from which an individual’s identity can reasonably be ascertained. This information may be about you, your business and investment activities and, if applicable, your family members and other dependants.
Collection of automatic information
When you use our website, we may automatically collect and store certain types of information relating to your use of this website.
Like many websites, we may also use “cookies”. Cookies are small files or alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser to enable our systems to recognise your browser and to us with provide information.
The types of automatic information we may collet and store include, but is not limited to:
– Your server address;
– Your IP address;
– Your top level domain name (for example .com, .gov, .au, .uk etc);
– The pages you accessed and documents downloaded;
– The website you visited immediately prior to accessing this website;
– Your navigation patterns; and
– The type of browser you are using.
Such information on its own may not necessarily identify an individual and may not constitute personal information. However, it provides us with data and statistics that we can use to analyse and improve our website and service offering.
You can delete and/or turn off cookies should you not wish this information to be kept. Please consult your IT professional for assistance if required.
Collection of personal information
Depending on your use of our website, we may also collect personal information relating to you. The kind of personal information that we may collect includes, amongst other things, your name, date of birth, addresses, e-mail addresses, telephone numbers, educational qualifications and experience, business details, industry segment details, business and investment activities, operational data and financial data. In addition, to the information we collect about you we may also collect similar information, which you have voluntarily provide to us.
If you engage us to provide any services, such as consulting services, we will collect further personal information from you. Information which we will collect may include your name, date of birth, addresses, e-mail addresses, telephone numbers, educational qualifications and experience, business details, industry segment details, business and investment activities, operational data and financial data. In some circumstances, we may also hold other personal information provided by you.
How does nMerge collect personal information?
Generally, we collect your personal information via our website and directly from you, by requesting that you provide personal and other information when you fill out an application form or other similar document or submit information to us via our website. There may be other occasions when we collect your personal information from you or from other sources, such as our partner firms (where you have provide this information to them and authorised them to disclose this information), from a publicly maintained record or from a third party information services provider.
Why do we need your personal information?
We collect your personal information for the purposes of:
(a) Providing access to our website and other related services;
(b) Responding to queries you submit to us;
(c) Facilitating and improving your business operations;
(d) Facilitating and improving our business operations;
(e) Providing you with information that may be of interest to you about our current and future products and/or services;
(f) Liaising with our partner firms, if any, in relation to the agreed deliverables in the Consulting Agreement and ancillary services;
(g) Advising the Australian Tax Office and other governmental authorities of your tax file number;
(h) Accounting, billing and other internal administrative purposes;
(i) Complying with our legal requirements under any applicable laws, including any applicable legislation; and
(j) Any other legal requirements which we must comply with.
You are under no obligation to provide your personal information to us. However, without receiving certain information from you, we may not be able to provide our services to you.
Who do we disclose your personal information to?
nMerge may use and disclose your personal information for the primary purpose for which it is collected, for reasonably expected secondary purposes, which are related to the primary purpose and in other circumstances authorised by the Act. That is, generally, we will only disclose your personal information for a purpose related to the achieving the deliverables outlined in the Consultancy Agreement and any other ancillary purposes.
The types of individuals and organisations to which we may disclose the information you provide us with include:
(a) Employees, agents, contractors and partner firms of nMerge for the purposes of deliverables as outlined in the Consultants Agreement on your behalf and for the operation and improvement of our business;
(c) Your financial advisers or other professional advisers;
(d) Any third party service provider which we may engage to provide administration, technology, auditing, custody, mailing, courier, printing or other services;
(e) Government and regulatory authorities (where required to by law); and
(f) Our professional advisers (including legal and accounting firms, auditors, consultants and other advisers).
We may also share aggregated demographic and statistical information with our partners, agents, advisers and advertisers. This is not linked to any personal information that can divulge the identity of our clients.
Finally, we may also disclose your information in any other circumstances where you have consented for us to do so.
Security and location of your personal information
We will take reasonable steps to ensure that the personal information we hold is protected against misuse, loss, unauthorised access, modification or disclosure.
If you choose to provide us with your personal information, you are agreeing to the processing and storage of your information both in Australia and countries outside of Australia, which may have data protection laws that differ from laws in your country.
Despite our security efforts, as is the case with all computer systems and networks connected to the Internet, we cannot guarantee the security of your personal information or any other information provided over the Internet and will not be responsible for any breaches of security.
Links to other websites
The nMerge website contains links to other websites. Please be aware that we, nMerge, are not responsible for the accuracy or the privacy practices of other such sites. We encourage our clients to be aware that when they leave our site, they should read the privacy statements of each and every web site that collects identifiable personal information. This privacy statement applies solely to information collected on this web site.
Transactional vs. Relationship Communication
TRANSACTIONAL: Some communications (for example, appointment reminders or client-nMerge direct communication) are considered transactional and are necessary for regular business practice. These communications will continue as long as clients receive services through nMerge or its programs and can only be ended upon written notification to nMerge.
RELATIONSHIP: Email communications such as newsletters, announcements and information not critical to a client’s relationship with nMerge are considered relationship communication and are sent to recipients on an opt-in/ consent basis. All such communication is managed through an outside vendor platform to ensure we are in compliance with FTC regulations regarding anti-spam and privacy.
Prior consent and opt-in clause
nMerge will always comply with CAN-SPAM and FTC regulations. http://business.ftc.gov/documents/bus61-can-spam-act-compliance-guide-business
Prior consent occurs when the email address/ contact information is initially given to nMerge. We include a short statement at the point at which the user submits their email/ contact information to the effect that these may be used for marketing communications unless the user expressly requests that they are not.
Example of prior consent clause:
By providing your email address, you consent to receive email notifications and information on behalf of nMerge. You may opt out of this email service at any time by contact us or following the opt-out instructions included in each email you receive.
The above consent statement is considered active consent by supplying the information. Another method to be properly employed is a “check box” or opt-out box.
In the print or electronic information collection form, an opt-out box may be used to indicate the individual DOES NOT want to receive communication on behalf of nMerge.
Example of opt-out clause:
[ ] I would like to receive email news and updates from nMerge and its products and services in addition to official business relating to my interaction with _product name_.
[ ] I would like to receive only emails that pertain to my official business with _product name_. (You will be placed on our do not mail list.)
Another simple example (shorter):
I would like nMerge to forward information about activities of the organization to my email address.
[ ] Yes [ ] No
We ensure that all marketing emails provide an easy and free means by which the user can opt-out of future marketing, and make sure that if they use this opt-out their request is adhered to in all future marketing. Once a user opts out of the email service, they cannot be added to the email database again unless the individual re-subscribed themselves. This protects us against potentially violating the do not mail and privacy regulations.
Each newly added email address receives a welcome notification with instructions regarding their opt-out opportunities.
Can you access the personal information that we hold about you?
Under the Act, you have a right to access your personal information that is collected and held by us. If at any time you would like to access or change the personal information we hold about you, or you would like more information on our approach to privacy, please let us know.
To obtain access to your personal information, we may request that you provide us with proof of your identity. This is necessary to ensure that personal information is provided only to the correct individuals and that the privacy of others is protected.
We will take all reasonable steps to provide access to your personal information within 30 days from your request. In less complex cases, we will attempt to provide information within 14 days.
If providing you with such access requires a detailed retrieval of your personal information, a fee may be charged for the cost of such retrieval and supply of information.
Revisions to this policy
How to contact us
For further information or enquiries regarding your personal information, please contact nMerge’s Privacy Compliance Manager at firstname.lastname@example.org or on +61 3 9 9763 9111.
Please direct all privacy complaints to nMerge’s Privacy Compliance Manager. At all times, privacy complaints:
– Will be treated seriously;
– Will be dealt with promptly;
– Will be dealt with in a confidential manner; and
– Will not effect your existing obligations or effect the commercial arrangements between you and us.
The Privacy Compliance Manager will commence an investigation into your complaint. You will be informed of the outcome of your complaint following the completion of the investigation. In the event you are dissatisfied with the outcome of your complaint, you may refer the complaint to the Federal Office of the Privacy Commissioner.